Posted
Integrations have always been at the heart of ThreatConnect’s product and company strategy. Never has that been more true than when we made the decision to move into the SOAR (security orchestration, automation, and response) market: integrations have become even more vital. A broad and open ecosystem of apps and integrations is crucial for the success of any SOAR platform. So when it came time for us to launch our Developer Partner Program, giving partners the ability to build their own apps and integrations, we don’t just mean business, we meme it.
But before we dive in, allow me to take you on a quick trip down memory lane.
A Trip Down Memory Lane
When ThreatConnect originally launched as a TIP (Threat Intelligence Platform) nine years ago, the goal was always to leverage the power of third-party technologies through integrations. Integrations were at the heart of our product strategy and allowed us to exponentially extend the functionality of the Platform. Through integrations, we were able to combine our own data model and intelligence with third-party technologies that gave analysts real-time insights that helped them more efficiently prioritize and investigate threats, and gave security leadership the tools, insights, and resources they needed to make better business decisions. But when it came to building and developing those integrations, the bulk of the technical load was taken on by internal ThreatConnect teams.
At first, this was great! It allowed us to maintain control over the quality of integrations and ensured that we were closely aligning them with the use cases that our users and customers were requesting. In a handful of short years, it’s really amazing to look at the number of integrations we were able to build, support, and take to market. We’ve worked with some of the top security vendors in the industry and solved some of the most complex and unique business challenges for our customers and prospects.
As the Platform has grown and evolved, it’s become even more integration friendly. A few years ago, we introduced orchestration functionality via ThreatConnect Playbooks. Playbooks allow ThreatConnect users to connect multiple technologies together and easily automate workflows without having to write any code. Even more recently, we’ve added Workflow and Case Management; further allowing SOC and security teams the ability to investigate, track, and collaborate on information related to threats and incidents.
And as the functionality of the Platform increased, so did the requests from vendors wanting to build their own apps. So after years of planning (that’s not hyperbole… we’ve literally been planning this for years), I’m happy to announce that ThreatConnect has officially launched our Developer Partner Program and it is now available to any technology vendor with the interest, resources, and technical ability to build their own app or integration for the ThreatConnect Platform.
So how does it work?
Building an app for ThreatConnect might not be as complicated as you might think. To get started, simply fill out the Become a Partner form on our website. A member of the technology partnership team will reach out to you with a business to kick off the qualifying process.
Business Qualifying
When we chat with a vendor for the first time, we really want to get to know your business. We’ll ask questions about your company, your product, your target market, etc. Through this process, we’re gauging the value of a potential technical partnership. ThreatConnect works with some of the largest, best security vendors in the market. We’ve been successful building these partnerships because we really take the time to understand our partners and how we can best align our goals and expectations to help to drive mutually beneficial business outcomes.
Technical Qualifying
There’s more than one way to integrate with ThreatConnect. In fact, there are many. And let’s be real. All integrations not created equal. At ThreatConnect, we’re not simply trying to push out the maximum number of apps and integrations in an attempt to boost numbers. Quality and value matter.
During the technical qualifying phase, we take a consultative approach. We’ll share with you our best practices, common integration use cases based on your technology type, and provide you with the information you need to ensure that you’re building a valuable integration that joint users can benefit from. We want to help put together an integration that makes sense and highlights the value of both technologies.
Design and Development
Once we get to the design and development phase, we provide you with all the tools and resources you need to build your app. Developer Partners get access to the ThreatConnect Sandbox for development and testing, as well as access to our Tech Partner Slack Workspace so we can communicate with you and your team in real-time. In addition, you can access our robust developer documentation through our Developer Community Site. This site provides you with training, documentation, best practices, common integration use cases, and more. Everything you need to build your app or integration with ThreatConnect.
Launch Phase
For me, this is the most exciting part. We’ve spent all this time time planning and developing this app, and now we get to set it free in the wild and promote it to our joint users. As part of the launch, we’ll host your app on the ThreatConnect Github (this part is optional) along with any accompanying documentation. In addition, we’ll add your integration to our robust list of integrations on the Integrations Page of our website, and we’ll promote our partnership through our Technology Partnerships page. We’ll also work with you on other joint marketing and promotion, whether that be press releases, social media announcements, or other joint marketing collateral.
How long does the process take?
The process of building an app for ThreatConnect might not take a long as you’d think. With the partner primarily responsible for the development of the app, we move at your speed. If you’re looking to satisfy an urgent customer or prospect request, we can move things along quickly. If priorities have shifted and your need isn’t so urgent, we can work with that too. Our team is responsive and flexible, and we’ll work with your timeline.
So, what now?
ThreatConnect’s SOAR capabilities are now available and we’re ready to work with you. Whether you’re a long time ThreatConnect Technology Partner looking to build out some new SOAR use cases, a new vendor looking to bring a new product to market, or somewhere in between, we want to hear from you! To get started, simply fill out the Become a Partner form and we’ll be in touch. We’re excited for all the opportunities the Developer Partner Program brings and the flexibility it gives us to work with new vendors, new technologies, and bring new apps to market.